When writing code that will run across hundreds if not thousands of websites, you should be extra cautious of how you handle data coming into Word Press and how it's then presented to the end user.This commonly comes up when building a settings page for your theme, creating and manipulating shortcodes, or saving and rendering extra data associated with a post.As part of that process, it needs to contact a certificate authority (CA) to get a ‘certificate’.
You can do this by going to the View Developer Tools menu.
Here’s what the developer tab looks like: If you click “View certificate” here is what you see: The certificate is listed as belonging to but it is in fact used by many other websites.
The intval() function casts user input as an integer, and defaults to zero if the input was a non-numeric value.
We then check to see if the value ended up as zero.
Sanitization is a bit more liberal of an approach to accepting user data.
We can fall back to using these methods when there's a range of acceptable input.Escape data as much as possible on output to avoid XSS and malformed HTML.Google’s Chrome web browser is used by over 50% of users on the web.However, there is a new CA called Lets Encrypt which issues free certificates to websites who want to use SSL. They are trying to make it free to use SSL to encrypt connections on the Web.However, they do not check to see if the website owner is pretending to be someone else.If it did, we'll save an empty value to the database.